CVE-2026-21423

MEDIUM

6.7

Description

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to code execution, denial of service, elevation of privileges, and information disclosure.

CVE Details

CVSS v3.1 Score6.7

SeverityMEDIUM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredHIGH

User InteractionNONE

Published3/4/2026

Last Modified3/4/2026

Sourcenvd

Honeypot Sightings0

Affected Products

dell:powerscale_onefs

Weaknesses (CWE)

CWE-276

References

https://www.dell.com/support/kbdoc/en-sg/000432452/dsa-2026-038-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities(security_alert@emc.com)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.